Full Disclosure mailing list archives

Re: CVE-2014-5880 - Authentication Bypass in Oracle Demantra

From: Arron Dowdeswell <acd () 65535 com>
Date: Fri, 28 Feb 2014 15:28:29 +0000

Apologies, the CVE-ID for this advisory is actually CVE-2013-5880

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

CVE-2014-1216 - Remote Command Execution in Fitnesse Wiki Portcullis Advisories (Mar 01)
- CVE-2014-5880 - Authentication Bypass in Oracle Demantra Portcullis Advisories (Mar 01)
  - CVE-2014-5795 - Database Credentials Leak in Oracle Demantra Portcullis Advisories (Mar 01)
    - Re: CVE-2014-5795 - Database Credentials Leak in Oracle Demantra Arron Dowdeswell (Mar 01)
    - Re: CVE-2014-5795 - Database Credentials Leak in Oracle Demantra Portcullis Advisories (Mar 01)
    - CVE-2014-0371 - Reflective XSS in Oracle Demantra Portcullis Advisories (Mar 01)
  - Re: CVE-2014-5880 - Authentication Bypass in Oracle Demantra Arron Dowdeswell (Mar 01)
    - Re: CVE-2014-5880 - Authentication Bypass in Oracle Demantra Portcullis Advisories (Mar 01)
  - CVE-2014-0379 - Stored Cross-site Scripting in Oracle Demantra Portcullis Advisories (Mar 01)
    - CVE-2014-0372 - SQL Injection in Oracle Demantra Portcullis Advisories (Mar 01)
- CVE-2014-5877 - Local File Inclusion in Oracle Demantra Portcullis Advisories (Mar 01)
  - Re: CVE-2014-5877 - Local File Inclusion in Oracle Demantra Portcullis Advisories (Mar 01)
    - Re: CVE-2014-5877 - Local File Inclusion in Oracle Demantra Portcullis Advisories (Mar 01)
    - CVE-2014-2044 - Remote Code Execution in ownCloud Portcullis Advisories (Mar 06)
    - CVE-2014-2043 - SQL Injection in Procentia IntelliPen Portcullis Advisories (Mar 12)
    - CVE-2014-1222 - Local File Inclusion in Vtiger CRM Portcullis Advisories (Mar 12)